In a paper published in Proceedings of the National Academy of Sciences, researchers from Technion and Tel Aviv University ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.